workin-bob

Response - testing for XSSI prevention and then strip it before proceeding.

1

It seems that a best practice to prevent cross-site script injection is to return the following string at the top of any Content-Type: application/json. The string is to force a...